A total of 24 Kenyans were arrested in an international joint operation for Sh1.1 billion online credit card fraud targeting Kenyan financial institutions.
The operation by the International Criminal Police Organization (Interpol) and the African Union police body (Afripol) led to the arrest of the fraudsters where it was established that USD8.6 million was stolen through fraudulent scripts run after altering the banking system’s security protocol.
“In Kenya, officers cracked a case of online credit card fraud linked to losses of $8.6 million. The funds, stolen through fraudulent scripts run after altering the banking system’s security protocol, were promptly redistributed by the group via SWIFT to companies in the United Arab Emirates, Nigeria and China and subsequently, to digital asset institutions offering trading and financial services regulated in multiple jurisdictions. Nearly two dozen arrests have been made so far,” the Interpol said in a statement.
The funds were then promptly redistributed by the group via SWIFT to companies in the United Arab Emirates, Nigeria and China and subsequently, to digital asset institutions offering trading and financial services regulated in multiple jurisdictions.
The France-based police organization and the Statute of the African Union Mechanism for Police Cooperation (Afripol) said the authorities across 19 African countries arrested a total of 1,006 suspects and dismantled 134,089 malicious infrastructures and networks.
Afripol team has been in the country for the joint operation.
It is currently being chaired by Inspector General of Police Douglas Kanja.
The operation, code named Serengeti, targeted criminals behind ransomware, business email compromise (BEC), digital extortion, and online scams—all identified as prominent threats in the 2024 Africa Cyber Threat Assessment Report.
“More than 35,000 victims were identified during the operation, with cases linked to nearly $193 million in financial losses worldwide,” Interpol said.
The organisation added that information provided by participating countries of ongoing cases with Interpol fed into 65 Cyber Analytical Reports that were produced to ensure actions on the ground were intelligence-led and focused on the most significant actors.
Private sector partners, including Internet Service Providers, also played a vital role by sharing intelligence, supporting analysis and disrupting criminal activities.
They provided on-site support and offered round-the-clock remote assistance to patch vulnerabilities and secure critical infrastructure for the participating member countries.
“From multi-level marketing scams to credit card fraud on an industrial scale, the increasing volume and sophistication of cybercrime attacks is of serious concern,” they said.
Ambassador Jalel Chelba, Afripol Executive Director said they have significantly enhanced support for law enforcement in African Union Member States.
“We’ve facilitated key arrests and deepened insights into cybercrime trends. Our focus now includes emerging threats like AI-driven malware and advanced attack techniques,” he said.
In Senegal, eight people, including five Chinese nationals, were arrested for a USD 6 million online Ponzi scheme affecting 1,811 victims.
A search of their apartment uncovered over 900 SIM cards, $11,000 in cash, phones, laptops, and copies of victims’ ID cards.
Nigerian authorities arrested a man accused of running online investment scams.
He is believed to have made upwards of $300,000 by luring victims through messaging platforms with false promises of cryptocurrency returns.
According to the Interior Ministry, Kenya has enhanced its capacity in building a secure cyberspace and in the investigation of the rising cyber-related crimes.
"The country has also joined an international convention, the Council of Europe (CoE) convention on Cybercrime, otherwise known as the “Budapest Convention.”
The Convention’s objectives include to harmonize national laws related to cyber-related crime; support the investigation of these crimes; and increase international cooperation in the fight against cybercrime.
It also provides for the criminalization of conduct ranging from illegal access, data and systems interference to computer-related fraud and child pornography; procedural law tools to investigate cybercrime and secure electronic evidence in relation to any crime; and efficient international cooperation.
According to the Internal Security Principal Secretary Raymond Omollo, joining the convention allows Kenya have a legal basis for international cooperation on cybercrime and electronic evidence, participate in the negotiation of future instruments and the further evolution of the Convention.
He warned that as Kenyans become more reliant on technology, the threats they face grow more sophisticated and it was therefore essential that the country build strong cyber security capabilities to, among other things protect the digital future and remain prepared to face these challenges head-on.
He also revealed that the cyber security threats come from many sources including state-sponsored actors, hackers, intruders, and individuals who misuse their skills for malicious purposes.